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CLAIMS 

What is Claimed is: 





1 


1. 


A system for ccaitroUing access to digital services comprising: 




2 


(a) 


a control center configured to coordinate and provide digital services; 




3 


(b) 


an uplink center configured to receive the digital services fiom the control center 




4 


and transmit tiie digital services to a satellite; 




5 


(c) 


the satellite configured to: 




6 




(i) receive the digital services from the uplink center; 
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(ii) process the digital services; and 




8 




(iii) transmit the digital services to a subscriber receiver station; 


p 
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(d) 


the subscriber receiver station configured to: 




10 




Ci) receive the digital services from the satellite; 
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(ii) control access to the digital services through an integrated 


fz 3 
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receiver/decoder (IRD); 


fij 
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(e) 


a conditional access module (CAJVQ communicatively coupled to the IRD, 




14 


wherein the CAM comprises: 




15 




(1) a nonvolatile memory component, wherein: 




16 




( 1 ) the nonvolatile memory component is used to contain state 




17 




information to provide desired fimctionality and enforce one or more security 




18 




policies for accessing the digital smdces; and 




19 




(2) the nonvolatile memory component is protected fixrni 




20 




modification sudi that the nonvolatile memory component is read only; and 




21 




(3) access to the nonvolatile memory component is isolated; 




22 




(ii) a hidden non-modifiable identification number embedded into flie 




23 


nonvolatile manoiy component, wherein the identification numb^ uniquely identifies flie 




24 


CAM; and 



-22- 



a fixed state custom logic block, w4ierein the nonvolatile memory 
component is not directly accessible via a system bus and access to liie nonvolatile 
memory component is limited to the custom logic block. 

2. The system of claim 1 wherein the nonvolatile memory component is isolated 
such that a system input/output module, microprocessor, or external environment is prevented 
jfrom direct access to the identification number. 

3 . The system of claim 1 wherein the identification number is embedded after 
manufecturing. 

4. The system of claim 1 wherein the custom logic block is permitted to read the 
identification number. 

5 . The system of claim 4 wherein a function defined in the custom logic block 
specifies an operation to be performed using the hidden identification number. 

6. The system of claim 1 ftirther comprising a onetime programmable memory 
protected by a hardware fiise that isolates the identification number fix)m the microprocessor 
after the identification number is written. 

7. The system of claim 1 wherein the custom logic block is configured to embed 
the identification number into the nonvolatile memory component. 

8. The system of claim 1 fiiither comprising a microprocessor that is configured to 
embed the identification number into the nonvolatile memory component 

9. The system of claim 1 wherein access to the digital services is rejected when the 
hidden non-modifiable identification number is on a list of unauthorized idaitification numbers. 



10. A method for limiting unauthorized access to digital services comprising: 
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2 


(a) embedding a hidden non-modifiable identification number into a nonvolatile 




3 


memory component, wherein: 




4 


(i) the nonvolatile memory component is used to contain state infonnation 




5 


to provide desired fiinctionality and enforce one or more security policies for accessing 




6 


flie digital services; 




7 


(ii) the hidden non-modifiable identification number uniquely identifies a 




o 
o 


device containing the nonvolatile memory component; and 




9 


(lii) access to the digital services is based on access rights associated with 


Q 


10 


the hidden non-modifiable identification number; and 


yi 

lii 
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(b) isolating access to the nonvolatile memory component such that access to tiie 




12 


nonvolatile memory component is limited to a fixed state custom logic block, the nonvolatile 




13 


memory component is protected such that the nonvolatile memory component is read only, and 
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the nonvolatile memory component is not direcfly accessible via a system bus. 


61 


1 


1 1 . The method of claim 1 0 wherein the nonvolatile memory component is isolated 


ry 


1 


by preventing a system input^output module, microprocessor, or extemal environment fi-om 




3 


direct access to the identification number. 




1 
1 


12. The method of claim 1 0 wherein the identification number is embedded afler 




2 


manufacturing. 




1 


1 3 . Tlie method of claim 1 0 wherein the custom logic block is permitted to read the 




2 


identification number. 




1 


14. The method of claim 1 3 wherein a fimction defined in the custom logic block 




2 


specifies an operation to be performed using the hidden identification number. 




1 


1 5. The method of claim 1 0 wherein the identification number is embedded using a 




2 


onetime programmable memory protected by a hardware fiise that isolates the identification 




3 


number from the microprocessor after the identification number is written. 
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1 


1 6. The method of claim 1 0 wherein the custom logic block embeds tiie 




2 


identification number into the nonvolatile memory component 




1 


1 7. The method of claim 1 0 wherein a microprocessor embeds the identification 




2 


number into the nonvolatile memory component 




1 


1 8. The method of claim 1 0 fijrther comprising rejecting access to the digital 




2 


services when the hidden non-modifiable identification number is on a list of unauthorized 




3 


identification numbers. 
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19. A conditional access module (CAM), comprising: 




2 


(a) a nonvolatile memory component, wherein: 


01 


3 


(i) the nonvolatile memory component is used to contain state informatinn 


nJ 


4 


to provide desired fimctionality and enforce one or more security policies for accessing 




5 


digital services; and 




6 


(ii) the nonvolatile memory component is protected fi-om modification such 




7 


that the nonvolatile memory component is read only; and 




8 


(iii) access to the nonvolatile memory component is isolated; 




9 


(b) a hidden non-modifiable identification number embedded into the nonvolatile 




lU 


memory component, wherein the identification number uniquely identifies the CAM; and 




11 


(c) a fixed state custom logic block, wherein the nonvolatile memnrv nnmnnn^^nt iq 




12 

J. ^ 


noi airecuy accessiDie via a system bus ana access to the nonvolatile memory component is 




13 


limited to the custom logic block. 




1 


20. The CAM of claim 19 wherein the nonvolatile m^oiy component is isolated 




2 


such that a system input/output module, microprocessor, or extemal environment is prevented 




3 


fi*om direct access to the identification number. 




1 


2 1 . The CAM of claim 1 9 wherein the identification number is embedded after 




2 


manufecturing. 
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1 22. The CAM of claim 1 9 wherein the custom logic block is pemiitted to read the 

2 identification number, 

1 23 . The CAM of claim 22 wherein a function defined in tiie custom logic block 

2 specifies an operation to be performed using the hidden identification number. 

1 24. The CAM of claim 1 9 fiulher comprising a onetime programmable memory 

2 protected by a hardware fiise that isolates the identification number &om the microprocessor 

3 after the identification number is written. 

1 25. The CAM of claim 19 wherein the custom logic block is configured to embed 

2 the identification number into the nonvolatile memory component 

1 26. The CAM of claim 1 9 further comprising a microprocessor lhat is configured to 

2 embed the identification number into the nonvolatile memory component. 

1 27. The CAM of claim 1 9 whereia access to the digital services is rejected when 

2 the hidden non-modifiable identification number is on a list of unauthorized identification 

3 numbers. 

1 28. An article of manufectiuie for limiting unauthorized access to digital services 

2 comprising: 

3 (a) memis for embedding a hidden non-modifiable identification number into a 

4 nonvolatile memory component, whei-ein: 

5 (i) the nonvolatile memory component is used to contain state information 

6 to provide desired fimctionality and enforce one or more security policies for accessing 

7 the digital services; 

8 (ii) the hidden non-modifiable identificatfon number uniquely identifies a 

9 device containing the nonvolatile memory component; and 
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(iii) access to the digital services is based on access rights associated with 
the hidden non-modifiable identification number; and 

(b) means for isolating access to the nonvolatile memory component such that 
access to the identification number is limited to a fixed state custom logic block, the nonvolatile 
memory component is protected 6om modification such that the nonvolatile memory component 
is read only, and the nonvolatile memory component is not directiy accessible via a system bus. 

29. The article of manufecture of claim 28 wherein the nonvolatile memory 
component is isolated by preventing a system input/output module, microprocessor, or external 
environment &om direct access to the identification number. 

30. The article of manufacture of claim 28 wherein the identification number is 
embedded afler manufacturing. 

3 1 . The article of manufacture of claim 28 wherein the custom logic block is 
permitted to read the identification number. 

32. The article of manufacture of claim 3 1 wherein a function defined in the custom 
logic block specifies an operation to be performed using the hidden identification number. 

33. The article of manufecture of claim 28 wherein the identification number is 
embedded using a onetime programmable memory protected by a hardware fiise that isolates 
the identification number fi-om the microprocessor after the identification number is written. 

34. The article of manufecture of claim 28 wherein the custom logic block embeds 
the identification number into the nonvolatile memory component 

3 5 . The article of manufecture of claim 28 wherein a microprocessor embeds the 
identification number into the nonvolatile memory component. 
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36. The article of manufecture of claim 28 fiirther comprising means for rejecting 
access to the digital services when the hidden non-modifiable identification number is on a list of 
unauthorized identification numbers. 



